Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Hfh7De-za2btOM3bR9iojTr04gk.roa
File: Hfh7De-za2btOM3bR9iojTr04gk.roa (raw, json)
Hash identifier: gk1lVcC9lzHYcFbBusTYuIcvzaM8WEgKiTjQzQiq9po=
Subject key identifier: 1D:F8:7B:0D:EF:B3:6B:66:ED:38:CD:DB:47:D8:A8:8D:3A:F4:E2:09
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01860136B618A3BE4D0EF081AE0FD15454B7
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Hfh7De-za2btOM3bR9iojTr04gk.roa
Signing time: Mon 30 Jan 2023 05:46:48 +0000
ROA not before: Mon 30 Jan 2023 05:46:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207713
IP address blocks: 194.87.218.0/24 maxlen: 24
194.87.216.0/24 maxlen: 24
195.133.88.0/24 maxlen: 24
194.87.31.0/24 maxlen: 24
194.87.45.0/24 maxlen: 24
212.192.14.0/24 maxlen: 24
194.87.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Apr 2023 16:06:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:01:36:b6:18:a3:be:4d:0e:f0:81:ae:0f:d1:54:54:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 30 05:46:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1df87b0defb36b66ed38cddb47d8a88d3af4e209
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a0:10:a4:86:8d:a1:5f:6c:56:53:3c:d5:36:
6e:87:96:2c:27:0f:1d:89:cd:0c:80:9e:d8:1a:e2:
70:2c:04:64:6e:a1:85:38:ae:21:b9:f1:4e:c2:3a:
b1:eb:1a:b5:4b:c0:6b:1d:35:44:c9:80:3f:6d:d8:
4d:36:1a:50:13:6a:a7:1d:82:9e:ba:0b:a8:d2:90:
5f:a7:35:a7:a5:6d:44:81:68:dd:21:eb:21:b2:1d:
c2:4e:6c:4c:89:69:43:d4:99:17:a8:c5:28:c9:e0:
2b:22:bd:50:0b:ca:03:35:b8:75:81:59:d6:89:e7:
23:e6:58:02:e2:03:05:60:34:8f:55:67:73:d7:1c:
b9:25:ec:c6:2a:9a:b7:cb:49:e1:ab:35:cf:ca:36:
85:26:86:2b:ef:51:ec:6e:bd:bb:d6:8b:00:f1:be:
b5:a8:78:2f:05:47:1a:2f:c6:27:7d:9e:90:31:da:
e4:5f:cb:e5:83:6c:e9:de:4f:b4:e9:59:dd:c9:aa:
0a:10:c6:35:b3:16:aa:4c:28:d4:33:9b:36:9a:c5:
07:2b:a9:bc:0e:27:79:12:84:21:38:83:de:a8:f1:
5b:9d:59:43:1e:b7:45:c8:fb:04:20:d8:b7:59:d0:
89:7b:b6:4a:c6:54:38:f7:30:6d:48:db:3c:e8:02:
31:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:F8:7B:0D:EF:B3:6B:66:ED:38:CD:DB:47:D8:A8:8D:3A:F4:E2:09
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/Hfh7De-za2btOM3bR9iojTr04gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.31.0/24
194.87.45.0/24
194.87.71.0/24
194.87.216.0/24
194.87.218.0/24
195.133.88.0/24
212.192.14.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:90:01:fd:b2:fc:67:0a:e1:26:04:ec:eb:93:d3:b8:90:75:
82:05:eb:2d:38:cf:18:7c:ff:97:62:d2:95:4d:64:43:6e:d6:
7e:7b:67:e6:c7:a8:88:6f:d3:08:01:f2:17:fc:d0:b5:99:a1:
7a:0e:6c:0a:43:d2:d1:ea:71:c0:87:71:76:0c:24:3f:04:df:
12:0d:ee:14:89:5e:ec:23:ce:a0:96:05:59:0b:69:67:9a:51:
5d:ac:3c:58:65:10:f0:b4:1d:33:47:6d:71:8e:5c:1c:65:bc:
45:3e:f5:e7:c2:a0:98:e0:2a:4d:fa:df:96:0e:64:18:e7:ae:
54:a9:1c:d2:34:71:0b:a2:fd:dd:5a:9c:5f:cd:bb:0f:f1:bc:
8a:69:55:cc:88:80:30:2a:ee:01:03:6a:9c:36:4d:a3:73:65:
07:da:83:f5:7d:e5:26:3b:ae:97:4f:53:2e:d8:d6:78:be:9f:
78:47:36:44:54:1c:c4:4d:2a:89:d0:3f:8d:e0:01:67:51:c0:
40:59:fe:4e:89:2a:a0:e3:b5:28:2a:26:58:c6:d2:fc:83:49:
40:8b:4e:38:0b:df:6c:5d:27:28:6d:b6:25:83:5b:4b:8f:b8:
19:78:b9:9c:11:dd:b6:eb:68:96:b8:3b:a6:e7:23:93:fb:bd:
45:2d:19:0b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYYBNrYYo75NDvCBrg/RVFS3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwMTMwMDU0NjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGY4N2IwZGVmYjM2YjY2ZWQzOGNkZGI0N2Q4YTg4ZDNhZjRlMjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6AQpIaNoV9sVlM81TZuh5YsJw8d
ic0MgJ7YGuJwLARkbqGFOK4hufFOwjqx6xq1S8BrHTVEyYA/bdhNNhpQE2qnHYKe
uguo0pBfpzWnpW1EgWjdIeshsh3CTmxMiWlD1JkXqMUoyeArIr1QC8oDNbh1gVnW
iecj5lgC4gMFYDSPVWdz1xy5JezGKpq3y0nhqzXPyjaFJoYr71Hsbr271osA8b61
qHgvBUcaL8YnfZ6QMdrkX8vlg2zp3k+06VndyaoKEMY1sxaqTCjUM5s2msUHK6m8
Did5EoQhOIPeqPFbnVlDHrdFyPsEINi3WdCJe7ZKxlQ49zBtSNs86AIxZQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFB34ew3vs2tm7TjN20fYqI069OIJMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvSGZoN0RlLXphMmJ0T00zYlI5aW9qVHIwNGdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwlcfAwQA
wlctAwQAwldHAwQAwlfYAwQAwlfaAwQAw4VYAwQA1MAOMA0GCSqGSIb3DQEBCwUA
A4IBAQCOkAH9svxnCuEmBOzrk9O4kHWCBestOM8YfP+XYtKVTWRDbtZ+e2fmx6iI
b9MIAfIX/NC1maF6DmwKQ9LR6nHAh3F2DCQ/BN8SDe4UiV7sI86glgVZC2lnmlFd
rDxYZRDwtB0zR21xjlwcZbxFPvXnwqCY4CpN+t+WDmQY565UqRzSNHELov3dWpxf
zbsP8byKaVXMiIAwKu4BA2qcNk2jc2UH2oP1feUmO66XT1Mu2NZ4vp94RzZEVBzE
TSqJ0D+N4AFnUcBAWf5OiSqg47UoKiZYxtL8g0lAi044C99sXScobbYlg1tLj7gZ
eLmcEd2262iWuDum5yOT+71FLRkL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:12 2024 by rpki-client on console-fra.rpki-client.org